Closed
Bug 1498909
Opened 6 years ago
Closed 6 years ago
oskeystore: dynamically load libsecret if available (and fall back to nss otherwise)
Categories
(Core :: Security: PSM, defect, P1)
Tracking
()
RESOLVED
FIXED
mozilla66
| Tracking | Status | |
|---|---|---|
| firefox-esr60 | --- | unaffected |
| firefox62 | --- | unaffected |
| firefox63 | --- | wontfix |
| firefox64 | --- | wontfix |
| firefox65 | --- | wontfix |
| firefox66 | --- | fixed |
People
(Reporter: jbeich, Assigned: keeler)
References
(Blocks 1 open bug)
Details
(Whiteboard: [psm-assigned])
Attachments
(1 file)
libsecret is a Gnome thing but Gnome is available one more than just Linux e.g., BSD and Solaris derivatives. Webkit and Blink already use libsecret on FreeBSD and OpenBSD.
status-firefox62:
--- → unaffected
status-firefox63:
--- → wontfix
status-firefox-esr60:
--- → unaffected
Whiteboard: [npotb]
Firefox 64 built fine `when=toolkit_gtk` (before bug 1498450) on FreeBSD. Can you switch Linux conditional to include all GTK platforms in bug 1492305?
Flags: needinfo?(franziskuskiefer)
|
||
Comment 2•6 years ago
|
||
Since linking at build time doesn't seem to acceptable we'll have to vendor libsecret.
Blocks: 1492305
Flags: needinfo?(franziskuskiefer)
Summary: Enable libsecret on Tier3 platforms → Vendor libsecret
|
||
Updated•6 years ago
|
Summary: Vendor libsecret → Vendor libsecret in Firefox code base
|
||
Comment 3•6 years ago
|
||
Why should it be vendored ? Can't we just have --with-system-libsecret like other dependencies ? I don't understand this issue here..
|
|
||
Comment 4•6 years ago
|
||
Supposedly libsecret isn't installed on build machines and thus won't be picked up. Linking at runtime makes this explode as we'd have to define all the glib types necessary here. Vendoring it seems the best way to me or do you have a better option?
Flags: needinfo?(landry)
|
|
||
Comment 5•6 years ago
|
||
why cant you require libsecret to be installed on build machines as a blessed dependency like it's done for any other dependency like gtk/etc ? 'linking at runtime' seems crazy...
Flags: needinfo?(landry)
|
|
||
Comment 6•6 years ago
|
||
I really don't have strong opinions on this (other than runtime linking isn't the way to go). But I'm no build system peer and don't know how these decisions are made. Let's ask them.
Flags: needinfo?(mh+mozilla)
|
||
Comment 7•6 years ago
|
||
(In reply to Franziskus Kiefer [:franziskus] from comment #6)
> (other than runtime linking isn't the way to go)
Why?
Flags: needinfo?(mh+mozilla)
|
|
||
Comment 8•6 years ago
|
||
Linking at runtime requires duplicating most of the libsecret header definitions, which is really not what we want.
So what's the way forward here?
Flags: needinfo?(mh+mozilla)
|
|
||
Comment 9•6 years ago
|
||
I guess it'd be fair to vendor libsecret, then, although:
- Following the few code paths we use from the libsecret library, I see it's using g_main_loop_run, and I'm not sure how this is going to interact with Gecko. I also don't know where the OSKeyStore stuff from the security manager is supposed to run ; main thread or somewhere else.
- Considering the API surface being used is very narrow, I wonder if it wouldn't make sense to just use the DBUS API directly https://specifications.freedesktop.org/secret-service/.
Flags: needinfo?(mh+mozilla)
|
Assignee | |
Comment 10•6 years ago
|
||
It turns out the runtime loading approach is tenable, so we're going to explore that route.
Assignee: nobody → dkeeler
Priority: -- → P1
Summary: Vendor libsecret in Firefox code base → oskeystore: dynamically load libsecret if available (and fall back to nss otherwise)
Whiteboard: [npotb] → [psm-assigned]
|
|
Assignee | |
Comment 11•6 years ago
|
||
Enough linux-based systems don't have libsecret that we can't make it a
requirement on linux. For those that do, however, we can dynamically load the
library at runtime. For those that don't, we can fall back to NSS.
| Comment hidden (obsolete) |
| Comment hidden (obsolete) |
| Comment hidden (obsolete) |
|
|
Assignee | |
Comment 15•6 years ago
|
||
Ok, this is finally maybe ready to land: https://treeherder.mozilla.org/#/jobs?repo=try&revision=bb45b4d05205f04e99aca1fe8954fd3e8be7dfef
|
||
Comment 16•6 years ago
|
||
Pushed by dkeeler@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/15af035c0cf4
dynamically load libsecret at runtime if available r=franziskus,jcj
|
||
Comment 17•6 years ago
|
||
| bugherder | ||
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox66:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla66
|
||
Updated•6 years ago
|
status-firefox65:
--- → ?
|
||
Comment 18•6 years ago
|
||
Is this something which can ride the trains or should we consider it for uplift?
|
|
Assignee | |
Comment 19•6 years ago
|
||
If I'm reading the tea leaves correctly, form autofill/credit card storage isn't using this except on Nightly yet, so we should probably let this ride the trains (if I'm wrong about that, then we probably should uplift, since linux users would essentially see their credit card info disappear when they eventually upgrade to 66).
Flags: needinfo?(dkeeler)
|
||
Comment 20•6 years ago
|
||
You are right that the consumers are Nightly-only so this can ride the trains.
|
|
||
Comment 21•6 years ago
|
||
Thanks for the quick reply.
Blocks: oskeystore
|
||
Comment 22•5 years ago
|
||
Per this bug, I understand that oskeystore supports libsecret, which is great (libsecret and SecretService is the future!).
But I also understand that oskeystore is not activated and cannot be used as password manager in Firefox or Thunderbird.
Is that correct?
|
|
Assignee | |
Comment 23•5 years ago
|
||
Yes.
You need to log in
before you can comment on or make changes to this bug.
Description
•